SDN Security Under Scrutiny

Working From Home On 4G

In April 2015, my partner and I decided it was time to move in to our own (first) place together. As a teleworker this brings it’s own set of issues, mainly in the name of connectivity and climate. BT traditionally have been able to offer generous enough requirements, but as enterprise technology has evolved to consume more bandwidth, BT have slowly fallen behind. FTTC or Fibre To The Cabinet (VDSL), also known as “Superfast Fibre Optic Broadband” offered by the likes of BT and Sky to name but a couple, serves my needs well providing I have access to a local street cabinet that has a spare port on a VDSL capable device.

So it turns out, after confirmation from BT that our to be purchased house can indeed receive FTTC, we purchased, completed and started renovation work. It was time to place the BT order!

The BT Order

Continue reading

Brocade PyNOS Python Libraries

PyNOS v1.1 has been published. This is a python library that simplifies automating Brocade VDX systems. It is built on top of ncclient, and uses NETCONF to communicate with the VDX systems. Using the libraries is much simpler than writing your own NETCONF calls.

What can I do with it?

Use Python to script configuration or management tasks against VDX devices, e.g.:

• Configure interfaces & VLANs
• Find LLDP neighbors
• Find out which port a MAC is connected to
• Configure BGP
• Configure SNMP

You can also use Python as an interactive shell to run commands against multiple systems.

Examples:

Connect to device and check firmware version & uptime:

>>> import pynos.device
>>> conn = ('172.22.90.100', '22')
>>> auth = ('admin', 'password')
>>> dev=pynos.device.Device(conn=conn, auth=auth)
>>> dev.connection
True
>>> dev.firmware_version
'6.0.1'
>>> dev.system.uptime
{'seconds': '1', 'hours': '13', 'minutes': '0', 'days': '1'}
>>>

Change switchport description:

>>> with pynos.device.Device(conn=conn, auth=auth) as dev:
...     dev.interface.description(
...     int_type='tengigabitethernet', name='225/0/38',
...     desc=’RTR1 Ethernet1’)

Who should use it?

Any Brocade VDX customers that want to automate network configuration – e.g. to integrate with their provisioning systems.

It’s helpful to have Continue reading

Securing the Line When Cutting the Network Cord

Managing the Robot Overlords of SDN

Google Reorganizing Into an Alphabet Soup of Companies

Possibly to appease Wall Street, Google is creating a corporate structure to separate ad revenues from sci-fi experiments.

Retailer Fred’s found payment card malware on two servers

Retailer Fred’s said Monday it found malware that collected payment card details on two of its servers, but it doesn’t appear the data was removed from its systems.The malware was on the servers since March 23, operating through April 8 on one and through April 24 on the other, the company said in a statement. It has since been removed.The malware was designed to collect so-called track 2 data contained on the magnetic stripe of payment cards, which Fred’s said contained the card number, expiration date and verification code. No other customer information is at risk.“During this time period, track 2 data was at risk of disclosure; however, the third-party cyber-security firm did not find evidence that track 2 data was removed from the company’s system,” the retailer said. Law enforcement is also investigating.To read this article in full or to leave a comment, please click here

Asprox botnet, a long-running nuisance, disappears

The Asprox botnet, whose malware-spamming activities have been followed for years by security researchers, appears to be gone.Since 2007, the botnet was used for effective spam campaigns that sought to trick people into downloading malware attachments in emails that purported to be court notices or notifications from services including FedEx, the U.S. Postal Service and American Airlines.But by January, the botnet seemed to be shut down, wrote Ryan Olson, intelligence director for Palo Alto Networks, in a blog post. Throughout 2014, the security company noticed the botnet was distributing Kuluoz, a malware program linked to Asprox.To read this article in full or to leave a comment, please click here

Internet giants to block child porn images using a common list

Facebook, Google, Twitter, Yahoo and Microsoft will take a new step toward combating the spread of child pornography, by blocking images identified in partnership with an industry group.The companies will block images of child sexual abuse that have been identified by the Internet Watch Foundation, a U.K.-based nonprofit that aims to locate and stamp out such content online. The effort is aimed at speeding up the identification and removal of images of child sexual abuse worldwide, and preventing them from being uploaded in the first place.Only known child sexual abuse images identified by the IWF will be blocked. Each company will download a list of images that have been “hashed” by IWF analysts, under a process that creates a digital fingerprint of each image. The hashes are created from images that IWF’s analysts have assessed, which come from various online sources like reports from the public, and the U.K.’s Child Abuse Image Database.To read this article in full or to leave a comment, please click here

Google’s restructuring will let new ventures shine

Google may be best known for its ubiquitous search engine, but it has long been associated with seemingly whimsical ventures into areas as diverse as self-driving cars, drones and human aging. On Monday, it took a step toward making those “side” ventures more legitimate—and more transparent.Thus Alphabet was born, catapulting Google’s top executives into new roles with new titles. Cofounders Sergey Brin and Larry Page are now president and CEO of the Alphabet holding company, respectively, while Sundar Pichai, formerly a vice president in charge of Android, Chrome and Google apps, will become Google’s CEO.To read this article in full or to leave a comment, please click here

Google’s restructuring will let new ventures shine

Google may be best known for its ubiquitous search engine, but it has long been associated with seemingly whimsical ventures into areas as diverse as self-driving cars, drones and human aging. On Monday, it took a step toward making those “side” ventures more legitimate—and more transparent.Thus Alphabet was born, catapulting Google’s top executives into new roles with new titles. Cofounders Sergey Brin and Larry Page are now president and CEO of the Alphabet holding company, respectively, while Sundar Pichai, formerly a vice president in charge of Android, Chrome and Google apps, will become Google’s CEO.To read this article in full or to leave a comment, please click here

Meet Sundar Pichai, Google’s new CEO

As part of a corporate reshuffle announced Monday, Sundar Pichai has been named the CEO of Google as it becomes a subsidiary of a new company called Alphabet. It’s yet another step up for the 43-year-old executive who has been on a meteoric rise through Google’s corporate structure.   Last October, Pichai was named Google’s head of product, which put him in charge of the company’s key businesses like Android, search and Chrome, while then-CEO Larry Page stepped back from the day-to-day responsibility of managing those parts of the company. This corporate restructuring seems to be another move along that path, since Page will become CEO of Alphabet, which will directly control businesses like the Calico life extension and Google X research and development divisions that aren’t in line with Google’s core business.To read this article in full or to leave a comment, please click here

Rackspace Prospects Amazon Web Services, Lowers 2015 Forecast

Rackspace's Q2 features good news, bad news, and a share buyback.

Now serving the Middle East: 4 new data centers, partnerships

Our last embarkation into a new geography coincided with a significant milestone: our 30th data center (and first in Africa) in Johannesburg, South Africa. And as we march past number 40, we’re proud to announce yet another. Introducing CloudFlare’s latest points of presence (PoPs) in Doha, Qatar; Dubai, United Arab Emirates; Kuwait City, Kuwait; and Muscat, Oman. These data centers are the first wave in our MENA (Middle East/North Africa) expansion, and the 39th, 40th, 41st and 42nd data centers, respectively, to join our global network.

Up to this point all CloudFlare traffic delivered to the MENA region was served from our London, Frankfurt, Marseille, Paris and/or Singapore data centers, with round trip latency of up to 200-350ms. As in Africa, local bandwidth in MENA is notoriously expensive making it cost prohibitive to deliver content locally. That is (once again), until now! We're proud to announce the first of a series of agreements with regional carriers including Etisalat, Omantel, Ooredoo, and Zain to help build a better Internet in the region.

How to build a better Internet

A few of the necessary ingredients to build a better Internet include international connectivity (often in Continue reading

BlackBerry denies its OS was to blame in Jeep Cherokee hack

Responding to an accusatory blog post, BlackBerry has again denied that its embedded operating system caused the potentially dangerous vulnerability recently demonstrated in Chrysler Jeep Cherokees.Last month, security researchers demonstrated how to circumnavigate the in-vehicle entertainment system of the Jeep Cherokee to take over the car itself, including control of the dashboard, steering mechanism, transmission, locks, and brakes.Over 1.4 million vehicles have subsequently been recalled to fix the problem. The dealerships will install updated software, though owners can install the update themselves.To read this article in full or to leave a comment, please click here

Some Yahoo Mail users menaced by zombified deleted emails

For Yahoo Mail users, some messages just won’t stay dead.Some users of the company’s popular Mail service report that messages they’ve deleted are reappearing in their inboxes, an issue that some say is a recurring problem.Since the beginning of July, more than 100 complaints have been posted in a forum devoted to Yahoo’s email service. Some users say hundreds if not thousands of emails that they had previously deleted have reappeared. Others say the emails continue to reappear after being deleted again.“I have deleted thousands of emails just to find them still in my inbox,” one user wrote on Monday. “I have better things to do than sit at this computer and do something over and over and over again,” the person wrote.To read this article in full or to leave a comment, please click here

Opera Software considers sale after lowering financial expectations

Opera Software, the company behind the Web browser of the same name, may be seeking a buyer after the company announced lowered expectations for its quarterly and annual financial results.The Norwegian browser maker previously said that it expected revenue of $630 million - 650 million in 2015, but revised that figure Friday to between $600 million and $618 million. It also said that its quarterly revenue would be $146 million, which is at the very bottom of its guidance range for the quarter and $5 million below the expectations of analysts surveyed by Thomson Reuters.Opera’s reduced expectations are a result of lower-than-anticipated returns from company’s mobile advertising business, specifically the non-Instant Play video advertising products from AdColony. While Opera is probably best known for its Web browser, the company actually makes most of its money from its advertising business.To read this article in full or to leave a comment, please click here

Cyber-physical attacks: Hacking a chemical plant

When it comes to hacking chemical plants, for an attacker to go hackedity-hack-hack and then the plant goes boom fortunately only happens in the movies. But “if you plan to improve your financial posture” now and at least in the five years is a good time for security researchers to jump into cyber-physical systems security where you will be most concerned about attacks that cause physical damage.Granted, you and attackers may know a lot about the IT world, and even Industrial Control Systems (ICS) aka SCADA, but hacking a chemical plant means also needing to know some physics, chemistry and engineering. The Damn Vulnerable Chemical Process was developed to help you master new skills; it’s the “first open source framework for cyber-physical experimentation based on two realistic models of chemical plants.”To read this article in full or to leave a comment, please click here

Docker Demo Webinar: FAQ

The Cloud Security Boom Has Just Started

Information security technology is undergoing a generational shift. Once thought of as a collection of point solutions, security technology is moving to the cloud, where a coordinated suite of real-time software tools are needed.